Securing Software, Together
Collaborating with service providers
Once the service provider validates the credential, they decide whether they should revoke the token, issue a new token, or reach out to a user directly.
Keeping GitHub tokens secret
When a valid GitHub token is pushed to a public repository, we’ll revoke it and notify the token owner within seconds.
Growing support for popular service providers
Token scanning supports tokens from Alibaba Cloud, Atlassian, AWS, Azure, Dropbox, Discord, Google Cloud, Mailgun, npm, Proctorio, Pulumi, Slack, Stripe, and Twilio, with more added all of the time.
from Hacker News https://ift.tt/34NlfvH